hans
hans copied to clipboard
friedrich
Android Package
Hi there it works great on Windows/Linux/iOS ... Ist there support for Android? I couln't find any packages or build docs.
Thank you for help. Greetings Hans-Juergen Petrich
Unfortunately I didn't have the time to try and run it on Android. But it should be possible. At least on a rooted device. Maybe some small changes in the tun device handling code are necessary.
This may be of useful: http://code.metager.de/source/xref/android/4.4/frameworks/base/services/jni/com_android_server_connectivity_Vpn.cpp#56
If you figure anything out let me know!
Thank you for your reply. i was also thinking that the tun interface would be an issue... but yes... should be possible with some changes in the source. when times permit i'll try it :-) ...
Thank you again... the icmp tunnel works really great on my machines... still wondering how fast ICMP could be :-)
I'm working on it... I have ported the hans executable to Android 5.0 and it runs great (needs some very small changes but overall not many modifications). I'm currently working on the frontend.
Also, @friedrich , I tried to remove the server part from the code (consider it is very unlikely that people will run hans as a server on an Android device), and I had a problem where client verifies the magic. If I keep the following lines, the compiler will run into an error:
"src/client.cpp:168: error: undefined reference to 'Server::magic' collect2: error: ld returned 1 exit status Makefile:19: recipe for target 'hans' failed"
where the corresponding lines are:
"if (header.magic != Server::magic) return false;"
If I remove those two lines, it complies and runs without problems (or at least it seems).
Again thanks for the great work!
Why do you want to remove the server code? It does not significantly increase the size of the executable.
True, it's not that much - 0.5 MB out of 3.5 MB of compiled executable. More like a proof of concept.
Author: hello! Can you make the ICMP development to support Android, I look forward to your APK package
@raidenii Hello. I Tip waring statically compiled by linux android-hans (https://github.com/raidenii/hans-android). Reads as follows: hans -c 104.xxx.xxx.xxx -p password -d tun0 < ./hans: opened tunnel device: tun0 ./hans: could not set tun device mtu ./hans: detaching from terminal
Can you give me a binary file? Thank you.
Hi friedrich, I am trying to compile it to android so share library, but there is some problem in code.
- Exception not support in ndk, i will remove all of them. 2.some point usage is not strict, like 66 line in client.cpp, there is no initial before usage after point convert, this is not support in android. and i am not familiar with c++, so could you do some help for me?
@Terrency Exceptions are supported since NDKr5 https://developer.android.com/ndk/guides/cpp-support.html
Necro bump!
Hey guys, nobody special here just a user. Been messing with TAP drivers on Windows and finally got the Windows binary to work well enough. Also, if your target machine running the daemon is virtual, just kill yourself now and don't do what I did and apply kernel patches to the hypervisor to make it work~
ANYWAYS, I am really interested if raiden or friedrich got an Android version to work. Here is the reason: I have been doing some testing when connected to cellular hotspots, and it seems (at least in the US, and on the carriers I tried) that ICMP traffic doesn't register as "data use" on their data plans. Of course this means as long as I run the daemon at home on my cable modem, I can hans tunnel from my phone to home and have unlimited (albeit not fantastic) data on my phone.
I understand to do this on Android the phone will need to be rooted to use the ICMP stack. I don't have enough familiarity with compiling source for a platform other than that one i'm on to try a compile for ARM on my x86 devbox.
Looking forward to seeing if this can be worked out!
Hi all, I'm not familiar with networking at all yet but I've been looking into covert channels and I noticed that Iodine (IP over DNS) has an Android app (Andiodine) that doesn't require root access. A solution like that would be perfect for Hans too as the two would be a great complement to each other when traveling. It uses the VpnService API available in Android (14+ I believe) to get around the root requirement, but I suppose that would mean a complete rewrite of the Hans client? If somebody could work with me to make this happen that'd be great ;)
Unfortunately Hans needs root privileges to send and receive ICMP packets. It needs the CAP_NET_RAW privilege to be precise.
Please make it compatible with android pls...! @friedrich and @tkon99
@friedrich this is apparently no longer the case. This is an example of a simple communication protocol over ICMP, running perfectly fine on Android (no root required). It's possible to adapt this to tunnel network traffic through it. It was made by a friend of mine @tomsmeding, credits to him.
To be precise, one can create a socket using IPPROTO_ICMP as the third argument. If I remember correctly, this allows sending arbitrary pings, but not constructing your own ping replies. So when communicating between a server (a device that has a public IP) and a client (a device that doesn't), the server still needs raw socket privileges to be able to construct arbitrary replies that get sent back to the client, but the client only needs the ability to open an ICMP socket to send arbitrary pings. And that permission is in my experience enabled by default on android.
(The socket() call I use is here.)
That's very nice, thanks! I did not realize that you needed different permissions as a client and as a server in this case, but it make sense of course. I have to check if this is true in general in Linux.
For later reference:
return socket(PF_INET, SOCK_DGRAM, IPPROTO_ICMP);
vs
return socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
@friedrich I can attest that this is not true in general on Linux; e.g. my laptop doesn't have that permission enabled by default. Of course, you can change this if you're root by writing certain values to /proc/sys/net/ipv4/ping_group_range; see https://lwn.net/Articles/422330 for more information.
For the record: In order to support running without root privileges on android, we probably need to use VpnService instead of tuntap.
Is the android port still active? I get this error in Android Oreo 8.0 (unrooted) ./hans : creating icmp socket: Operation not permitted Having root will eliminate this error? Thanks in advance.
@xtianxian What does the file /proc/sys/net/ipv4/ping_group_range contain? And what does running id print?
@tomsmeding cat /proc/sys/net/ipv4/ping_group_range 0 2147483647
I actually have rooted my device and I'm getting the error below. ./hans : could not create tunnel device: No such file or directory This is the only thing I get. Can I generate a more detailed log? how?
Probably hans is not using it yet, but that output means that my ipproto_icmp trick would indeed work on your device. Don't know about your error though, will just slip away now...
@tomsmeding - I found out what file it is trying to look for. It's the /dev/net/tun in tun_dev.c I tried creating it by mknod /dev/net/tun c 10 200. Is this correct? I got a few pings registered in wireshark when i started hans client then the ping stops. And I get flooded in android by these logs. Any idea?
chatty : uid=0(root) /data/local/tmp/hans identical 201 lines /data/local/tmp/hans: error reading from tun: File descriptor in bad state
@tomsmeding. It is looking for both /dev/net/tun and /dev/tun. But in my device I only have /dev/tun initially. Also if I use -d tun0 it errors out with No such file. I can execute it with -d tun. But it gives "error reading from tun: File descriptor in bad state"
I'm working on it... I have ported the hans executable to Android 5.0 and it runs great (needs some very small changes but overall not many modifications). I'm currently working on the frontend.
Also, @friedrich , I tried to remove the server part from the code (consider it is very unlikely that people will run hans as a server on an Android device), and I had a problem where client verifies the magic. If I keep the following lines, the compiler will run into an error:
"src/client.cpp:168: error: undefined reference to 'Server::magic' collect2: error: ld returned 1 exit status Makefile:19: recipe for target 'hans' failed"
where the corresponding lines are:
"if (header.magic != Server::magic) return false;"
If I remove those two lines, it complies and runs without problems (or at least it seems).
Again thanks for the great work!
Hi, Is the Android version of the project available now? And is it possible to send the program source? Or is there a usable apk file?
